1. PURPOSE

Minda Incorporated (Minda) is committed to the protection of personal privacy and has adopted a set of privacy principles based on the new privacy provisions in the Privacy Act 1988.

The National Privacy Principles contained in the Privacy Act regulate the following aspects of personal information:

  • Collection of information
  • Use and disclosure
  • Data quality
  • Data security
  • Openness
  • Access and correction by individuals
  • Identifiers
  • Anonymity
  • International transfers of information
  • Sensitive information

This policy explains the principles that Minda has adopted to protect information about individuals. The principles deal with the collection, storage and use of information about individuals.

This policy determines the principles for handling information so that appropriate rights of privacy and confidentiality are respected whilst the legislation is adhered to.

2. DEFINITIONS

2.1 Information

Information consists of:
> Personal Information, which is information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.

> Sensitive information
This is information which includes information or an opinion about an individual’s:

  • Racial or ethnic origin; or
  • Political opinions; or
  • Membership of a political association; or
  • Religious beliefs or affiliations; or
  • Philosophical beliefs; or
  • Membership of a professional or trade association; or
  • Membership of a trade union; or
  • Sexual preferences; or
  • Criminal record.

It also refers to health information about an individual. This is information about an individual’s health or disability.

All information collected in the course of providing a health service is “health information”, and includes information or an opinion about disability of an individual. Under the legislation, this is classified as “sensitive” information to which higher privacy standards apply.

“Health information” includes any information or opinion about an individual’s:

  • health or disability at any time (that is past, present or future);
  • expressed wishes about future health services;
  • health devices provided or to be provided;
  • information collected in providing a health service;
  • information collected in connection with the donation or intended donations of body parts and substances.

“Health information” also includes any other information collected by a health provider in the course of providing treatment and care to an individual.

2.2 Collection

An organisation collects personal information if it gathers, acquires or obtains information from any source, by any means, in circumstances where the individual is identified or identifiable. It includes information:
> An organisation comes across by accident or has not asked for, but nevertheless keeps; or
> Information the organisation receives directly from the individual; or
> Information about an individual that an organisation receives from someone else.

2.3 Disclosure

An organisation discloses information when it releases information outside the organisation. This includes:
> An organisation giving another organisation information under contract to carry out an outsourced function; or
> Selling information to another organisation.

3. STATEMENT

Minda Inc. is committed to the following set of privacy principles:

1. Collection

Minda will only collect personal information that is necessary for one or more of its legitimate functions or activities.

Minda will only collect personal information by lawful and fair means and not in an unreasonably intrusive way.

At or before the time Minda collects personal information from the individual, Minda will take reasonable steps to ensure that the individual is aware of:

a) Minda’s identity;

b) The fact that he or she is able to gain access to the information;

c) The purposes for which the information is collected;

d) To whom (or the types of individuals or organisations to which) Minda usually discloses information of this kind;

e) Any law that requires the particular information to be collected; and

f) The main consequences (if any) for the individual if all or part of the information is not provided.

Where it is reasonable and practicable to do so, Minda will collect personal information directly from the individual.

Where Minda collects personal information from a third party, Minda will take reasonable steps to ensure that the individual is or has been made aware of the matters listed from (a) to (f) above.

2. Use And Disclosure

2.1 Minda cannot disclose personal information about an individual for a purpose other than the primary purpose unless:
a) Both of the following apply:
i. Secondary purpose is related; and
ii. The individual would reasonably expect Minda to use or disclose information for the secondary purpose; or

b) The individual has given consent; or

c) Minda uses personal information for the purpose of direct marketing not associated with the original purpose of collection; and
i. it is impracticable to seek consent before use; and
ii. Minda gives the individual the opportunity at the time of the first contact, and thereafter upon request, and at no cost, to decline to receive any further direct marketing communications; or

d) If the information is health related and the use or disclosure is necessary for research; and
i. It is impracticable to seek consent before use; and
ii. The use or disclosure is in accordance with section 95A of the Privacy Act; or

e) Minda has reason to suspect that unlawful activity has been, is or may be engaged in, and uses the personal information as a necessary part of its investigation of the matter or in reporting its concerns to relevant persons or authorities; or

f) the use is required or specifically authorised by law; or

g) the use is reasonably necessary for the enforcement of the criminal law, a law imposing a pecuniary penalty, or for the protection of the public revenue.

Health and Disability Services

2.2 If Minda uses or discloses personal information under paragraph 2.1(g), it must make a written note of the use or disclosure.

2.3 Subclause 2.1 operates in relation to personal information that an organisation that is a body corporate has collected from a related body corporate as if the organisation’s primary purpose of collection of the information were the primary purpose for which the related body corporate collected the information.

2.4 Despite subclause 2.1, an organisation that provides a health service to an individual may disclose health information about the individual to a person who is responsible for the individual if:
(a) the individual:
i. is physically or legally incapable of giving consent to the disclosure; or
ii. physically cannot communicate consent to the disclosure, and

(b) The carer providing the health service for the organisation is satisfied that either:
i. the disclosure is necessary to provide appropriate care or treatment of the individual, or
ii. the disclosure is made for compassionate reasons; and

(c) the disclosure is not contrary to any wish:
i. expressed by the individual before the individual became unable to provide consent; and
ii. of which the carer is aware, or could reasonably be expected to be aware; and
iii. the disclosure is limited to the extent reasonable and necessary for a purpose mentioned in paragraph (b).

2.5 For the purposes of subclause 2.4, a person is responsible for an individual if the person is:
(a) a parent of the individual; or

(b) a child or sibling of the individual at least 18 years old; or

(c) a spouse or de facto spouse of the individual; or

(d) a relative of the individual, at least 18 years old and a member of the individual’s household; or

(e) a guardian of the individual; or

(f) exercising an enduring power of attorney granted by the individual that is exercisable in relation to decisions about the individual’s health; or

(g) a person who has an intimate personal relationship with the individual; or

(h) a person nominated by the individual to be contacted in case of an emergency.

2.6 In subclause 2.5:

  • Child of an individual includes an adopted child, a step-child and a foster-child, of the individual.
  • Parent of an individual includes a step-parent, adoptive parent and a foster-parent, of the individual.
  • Relative of an individual means a grandparent, grandchild, uncle, aunt, nephew, niece, of the individual.
  • Sibling of an individual includes half-brother or sister, adoptive brother or sister, step-brother or sister, foster-brother or sister, of the individual.

4. DATA QUALITY

Minda will take reasonable steps to make sure that the personal information it collects, uses or discloses is accurate, complete and up to date.

5. DATA SECURITY

Minda must take reasonable steps to protect the personal information it holds from loss and misuse and from unauthorised access, modification or disclosure.

Minda must take reasonable steps to destroy or permanently de-identify personal information if it is no longer needed for any purpose for which the information may be used or disclosed under National Privacy Principle 2.

6. OPENNESS

Minda must ensure that this document be made available to anyone who requests it.

On request by a person, Minda must take reasonable steps to let the person know, generally, what sort of information it holds, for what purposes, and how it collects, holds, uses and discloses that information.

7. ACCESS AND CORRECTION

7.1 Where Minda holds information about an individual, it must provide the individual access to the information requested by the individual, except to the extent that:
a) in the case of personal information other than health information - providing access would pose a serious threat to the life or health of any individual; or

b) in the case of health information – providing access would pose a serious threat to the life or health of any individual; or

c) providing access would have an unreasonable impact upon the privacy of other individuals; or

d) the request for access is frivolous or vexatious; or

e) the information relates to existing or anticipated legal proceedings between the organisation and the individual; or

f) providing access would reveal the intentions of the organisation in relation to negotiations with the individual in such a way as to prejudice those negotiations; or

g) providing access would be unlawful; or

h) denying access is required or authorised by or under law; or

i) providing access would be likely to prejudice an investigation of possible unlawful activity; or

j) providing access would be likely to prejudice:
i. the prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of law imposing a penalty or sanction or breaches of a prescribed law; or
ii. the enforcement of laws relating to the confiscation of the proceeds of crime; or
iii. the protection of the public revenue; or
iv. the prevention, detection, investigation or remedying of seriously improper conduct or prescribed conduct; or
v. the preparation for, or conduct of, proceedings before any court or tribunal, or implementation of its orders;

by or on behalf of an enforcement body; or

k) an enforcement body performing a lawful security function asks Minda not to provide access to the information on the basis that providing access would be likely to cause damage to the security of Australia.

7.2 Where providing access would reveal evaluative information generated within Minda in connection with a commercially sensitive decision-making process, Minda may give the individual an explanation for the commercially sensitive decision rather than direct access to the information.

7.3 If Minda is not required to provide the individual with access to the information because of one or more of paragraphs 6(a) to (k) (inclusive), Minda must, if reasonable, consider whether the use of mutually agreed intermediaries would allow sufficient access to meet the needs of both parties.

7.4 If Minda charges for access to the information, those charges:
a) must not be excessive; and

b) must not apply to lodging a request for access.

7.5 If Minda holds personal information about an individual and the individual is able to establish that the information is not accurate, complete and up-to-date, Minda must take reasonable steps to correct the information so that it is accurate, complete and up to date.

7.6 If the individual and Minda disagree about whether the information is accurate, complete and up-to-date, and the individual asks Minda to associate with the information a statement claiming that the information is not accurate, complete or up-to-date, Minda must take reasonable steps to do so.

7.7 Minda must provide reasons for denial of access or refusal to correct personal information.

8. IDENTIFIERS

8.1 Minda must not adopt as its own identifier of an individual an identifier of the individual that has been assigned by:
a) an agency; or

b) an agent of an agency acting in its capacity as agent; or

c) a contracted service provider for a Commonwealth contract acting in its capacity as contracted service provider for that contract.

8.1A However, subclause 7.1 does not apply to the adoption by a prescribed organisation of a prescribed identifier in prescribed circumstances.

8.2 Minda must not use or disclose an identifier assigned to an individual by an agency, or by an agent or contracted service provider mentioned in subclause 8.1, unless:
a) the use or disclosure is necessary for the organisation to fulfil its obligations to the agency; or

b) one or more of paragraphs 2.1(e) to (g) (inclusive) apply to the use or disclosure; or

c) the use or disclosure is by a prescribed organisation of a prescribed identifier in prescribed circumstances.

8.3 In this clause:
Identifier includes a number assigned by an organisation to an individual to identify uniquely the individual for the purposes of Minda’s operations. However, an individual’s name or ABN (as defined in the A New Tax System (Australian Business Number) Act 1999) is not an identifier.

9. ANONYMITY

Wherever it is lawful and practicable, individuals must have the option of not identifying themselves when entering transactions with Minda.

10. TRANSBORDER DATA FLOWS

10.1 Minda will not transfer personal data outside Australia unless:
a) Minda reasonably believes that the recipient of the information is subject to a law, binding scheme or contract which effectively upholds principles for fair handling of the information that are substantially similar to the National Privacy Principles; or

b) The individual consents to the transfer; or

c) The transfer is necessary for the performance of a contract between the individual and Minda, or for the implementation of pre-contractual measures taken in response to the individual’s request; or

d) The transfer is necessary for the conclusion or performance of a contract concluded in the interest of the individual between Minda and a third party; or

e) All of the following apply:
i. the transfer is for the benefit of the individual;
ii. it is impracticable to obtain the consent of the individual to that transfer;
iii. if it were practicable to obtain such consent, the individual would be likely to give it; or

f) Minda has taken reasonable steps to ensure that the information which it has transferred will not be held, used or disclosed by the recipient of the information inconsistently with the National Privacy Principles.

11. SENSITIVE INFORMATION

11.1 Minda must not collect sensitive information about an individual unless:
a) the individual has consented; or

b) the collection is required by law; or

c) the collection is necessary to prevent or lessen a serious and imminent threat to the life or health of any individual, where the individual whom the information concerns is physically or legally incapable of giving consent; or

d) if the information is collected by Minda, being a non-profit organisation, the following conditions are satisfied:
i. the information relates solely to the members of the organisation or to individuals who have regular contact with Minda in connection with its activities;
ii. at or before the time of collecting the information, Minda undertakes to the individual whom the information concerns that we will not disclose the information without the individual’s consent; or

e) the collection is necessary for the establishment, exercise or defence of a legal or equitable claim.

11.2 Despite subclause 10.1, Minda may collect health information about an individual if:
(a) the information is necessary to provide a health service to the individual; and

(b) the information is collected:
i. as required by law (other than this Act); or
ii. in accordance with rules established by competent health or medical bodies that deal with obligations of professional confidentiality which bind the organisation.

11.3 Despite subclause 11.1, Minda may collect health information about an individual if:
a) the collection is necessary for any of the following purposes:
i. research relevant to public health or safety;
ii. the compilation or analysis of statistics relevant to public health or safety;
iii. the management, funding or monitoring of a health service; and

b) that purpose cannot be served by the collection of information that does not identify the individual or from which the individual’s identity cannot reasonably be ascertained; and

c) it is impracticable for the organisation to seek the individual’s consent to the collection; and

d) the information is collected:
i. as required by law (other than this Act); or
ii. in accordance with the rules established by competent health

11.4.1 If Minda collects health information about an individual in accordance with subclause 10.3, the organisation must take reasonable steps to permanently de-identify the information before Minda discloses it.

11.4 In this clause:
Non-profit organisation means a non-profit organisation that has only racial, ethnic, political, religious, philosophical, professional, trade or trade union aims.

For further information relating to Minda's Privacy Policy, please contact Minda's Privacy Officer on 8422 6200.